[Cloud Security] Alerts Datagrids for Contextual Flyout#199573
[Cloud Security] Alerts Datagrids for Contextual Flyout#199573animehart merged 25 commits intoelastic:mainfrom
Conversation
|
/ci |
|
/ci |
|
/ci |
animehart
added
backport:prev-minor
release_note:skip
|
Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security) |
…f github.com:animehart/kibana into contextual-flyout-alerts-datagrid-from-preview-mark1
|
|
||
| const totalAlertsCount = alertStats.reduce((total, item) => total + item.count, 0); | ||
|
|
||
| const { data } = useMisconfigurationPreview({ |
There was a problem hiding this comment.
I don't understand why we need all this logic (getting misconfigs, vulnerabilities, riskScore) in the alert preview. From what I see we open the Alerts data grid in the left section of the flyout, this section doesn't have information about risk, misconfigs and vulnerabilities, then why all this data is needed?
There was a problem hiding this comment.
We need this to pass it to the openLeftPanel, if we don't have this then when user opens the left panel, it doesn't know if it also has to render Misconfiguration/Vulnerabilities/Risk Score tabs
this logic is also being used on the 2 other preview component
There was a problem hiding this comment.
Follow up on our discussion in DM:
- First problem that we want to address is to encapsulate this logic in one place because right now it's copied over in 6 different places. We can start with one hook per piece of business logic (alerts, misconfigs, vulnerabilities, risk score) exposing and consuming only the pieces needed to a particular component. another possibility is to share this state through context
- Another question, probably post 8.17 FF is to check if it's a good idea to have all these props passed to
openLeftPanel. We do similar things in 3 places: load data we don't need in the component only to pass it to openLeftPanel. Maybe it should be self aware and get the information required to show the tabs by itself instead of getting them from the props
There was a problem hiding this comment.
Here is the followup PR point number 1 above
| ) : activeInsightsId === CspInsightLeftPanelSubTab.VULNERABILITIES ? ( | ||
| <VulnerabilitiesFindingsDetailsTable queryName={name} /> | ||
| ) : ( | ||
| // <div>{'ALERTS HERE'}</div> //AlertsDetailsTable |
|
|
||
| const hasMisconfigurationFindings = passedFindings > 0 || failedFindings > 0; | ||
|
|
||
| const { signalIndexName } = useSignalIndex(); |
There was a problem hiding this comment.
you have this logic duplicated in multiple places, we need to abstract it
| <MisconfigurationsPreview | ||
| name={name} | ||
| fieldName={fieldName} | ||
| hasNonClosedAlerts={alertsCount > 0} |
There was a problem hiding this comment.
It feels conceptually incorrect that the Misconfiguration and Vulnerability preview should know about non-closed alerts. Why do we need it here?
There was a problem hiding this comment.
same reason as the checking existence of Misconfiguration and Vulnerability in Alerts Preview, we need to pass this information when opening left panel so it knows what tabs gets rendered
machadoum
left a comment
machadoum
left a comment
There was a problem hiding this comment.
EA team changes LGTM!
I left some minor comments. Could you please take a look?
| const alertsOpenCount = alertsData?.open?.total || 0; | ||
|
|
||
| const alertsAcknowledgedCount = alertsData?.acknowledged?.total || 0; | ||
|
|
||
| const alertsCount = alertsOpenCount + alertsAcknowledgedCount; | ||
|
|
||
| const hasNonClosedAlerts = alertsCount; |
There was a problem hiding this comment.
nit: When a variable name starts with "has", it is expected to be a boolean.
| const alertsOpenCount = alertsData?.open?.total || 0; | |
| const alertsAcknowledgedCount = alertsData?.acknowledged?.total || 0; | |
| const alertsCount = alertsOpenCount + alertsAcknowledgedCount; | |
| const hasNonClosedAlerts = alertsCount; | |
| const hasNonClosedAlerts = (alertsData?.acknowledged?.total || 0 + alertsData?.open?.total || 0) > 0; |
| ) : activeInsightsId === CspInsightLeftPanelSubTab.VULNERABILITIES ? ( | ||
| <VulnerabilitiesFindingsDetailsTable queryName={name} /> | ||
| ) : ( | ||
| // <div>{'ALERTS HERE'}</div> //AlertsDetailsTable |
There was a problem hiding this comment.
You forgot some comments here.
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
History
|
|
|
||
| const { openLeftPanel } = useExpandableFlyoutApi(); | ||
|
|
||
| const goToEntityInsightTab = useCallback(() => { |
There was a problem hiding this comment.
let's also move this logic into own component/utility . You have this goToEntityInsightTab in all three preview component, and it's only different by subTab and the tooltip. So it can be just a hook that depending on the passed type (alerts, misconfiguration, vulnerability) returns the link
|
To not turn PR into huge refactoring PR, let's merge this one and do the refactoring of removing code duplication in a follow up. I tested the current logic, it works as expected |
|
Starting backport for target branches: 8.x https://github.com/elastic/kibana/actions/runs/11843860481 |
## Summary This PR is for Alerts Datagrid component in Contextual Flyout This PR is for Alerts Datagrid in Contextual Flyout for User name and Host name <img width="1480" alt="Screenshot 2024-11-14 at 9 08 26 AM" src="https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502"> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> (cherry picked from commit ab965f7)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
… (#200245) # Backport This will backport the following commits from `main` to `8.x`: - [[Cloud Security] Alerts Datagrids for Contextual Flyout (#199573)](#199573) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Rickyanto Ang","email":"rickyangwyn@gmail.com"},"sourceCommit":{"committedDate":"2024-11-14T19:07:26Z","message":"[Cloud Security] Alerts Datagrids for Contextual Flyout (#199573)\n\n## Summary\r\n\r\nThis PR is for Alerts Datagrid component in Contextual Flyout\r\n\r\nThis PR is for Alerts Datagrid in Contextual Flyout for User name and\r\nHost name\r\n<img width=\"1480\" alt=\"Screenshot 2024-11-14 at 9 08 26 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502\">\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"ab965f75a6bdfb75e2a29454d8f3830d0cf4cf18","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Cloud Security","backport:prev-minor","v8.17.0"],"title":"[Cloud Security] Alerts Datagrids for Contextual Flyout","number":199573,"url":"https://github.com/elastic/kibana/pull/199573","mergeCommit":{"message":"[Cloud Security] Alerts Datagrids for Contextual Flyout (#199573)\n\n## Summary\r\n\r\nThis PR is for Alerts Datagrid component in Contextual Flyout\r\n\r\nThis PR is for Alerts Datagrid in Contextual Flyout for User name and\r\nHost name\r\n<img width=\"1480\" alt=\"Screenshot 2024-11-14 at 9 08 26 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502\">\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"ab965f75a6bdfb75e2a29454d8f3830d0cf4cf18"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/199573","number":199573,"mergeCommit":{"message":"[Cloud Security] Alerts Datagrids for Contextual Flyout (#199573)\n\n## Summary\r\n\r\nThis PR is for Alerts Datagrid component in Contextual Flyout\r\n\r\nThis PR is for Alerts Datagrid in Contextual Flyout for User name and\r\nHost name\r\n<img width=\"1480\" alt=\"Screenshot 2024-11-14 at 9 08 26 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502\">\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"ab965f75a6bdfb75e2a29454d8f3830d0cf4cf18"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Rickyanto Ang <rickyangwyn@gmail.com>
## Summary This PR is for Alerts Datagrid component in Contextual Flyout This PR is for Alerts Datagrid in Contextual Flyout for User name and Host name <img width="1480" alt="Screenshot 2024-11-14 at 9 08 26 AM" src="https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502"> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary This PR is for Alerts Datagrid component in Contextual Flyout This PR is for Alerts Datagrid in Contextual Flyout for User name and Host name <img width="1480" alt="Screenshot 2024-11-14 at 9 08 26 AM" src="https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502"> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
5 participants
Summary
This PR is for Alerts Datagrid component in Contextual Flyout
This PR is for Alerts Datagrid in Contextual Flyout for User name and Host name
